Description
The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| VMware | Workstation Pro/Player | affected |
|
||||||
| VMware | Fusion Pro / Fusion | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: vmware
Published:
Updated: 2024-08-05T14:39:41.308Z
Reserved: 2016-12-26T00:00:00.000Z
Link: CVE-2017-4901
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2017-06-08T13:29:00.187
Modified: 2025-04-20T01:37:25.860
Link: CVE-2017-4901
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses